Keir Fraser [Thu, 1 Oct 2009 11:33:00 +0000 (12:33 +0100)]
x86 hvm: Fix guest boot on AMD K8 machine
A bug has been introduced in Xen 3.2.2 (and still reproducible with
Xen 3.2.3) which causes the guest to freeze at boot and xen floods the
console with this message:
(XEN) platform.c:1049:d6 handle_mmio: failed to get instruction
(XEN) instrlen.c:252:d6 Cannot read from address 802eb001 (eip 802eb001, mode=2)
The problem is reproducible on AMD K8 machines.
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Keir Fraser [Fri, 19 Dec 2008 15:15:03 +0000 (15:15 +0000)]
xend: Actually restrict a domU's access to xenstore when we mean to --
this means that in some cases it cannot be owner of its own xenstore
nodes.
This bug was pointed out by Daniel Berrange at Red Hat. This patch is
my own more generic fix that automatically covers a range of callers
(albeit the patch is arguably a bit of a hack ;-).
Keir Fraser [Tue, 16 Dec 2008 15:20:48 +0000 (15:20 +0000)]
Fix race between scheduler and CPUs being offlined
Since the credit scheduler depends on cpu_core_map and cpu_sibling_map
to be populated for all CPUs marked online in cpu_online_map
(otherwise csched_cpu_pick() can get into an endless loop due to
nxt_idlers being empty and hence no bit being cleared from cpus),
sibling info must be cleared *after* removing a CPU from cpu_online_map.
But that is only reducing the original race window - since the
clearing of the CPU maps happens on the dying CPU while the scheduler
runs on an active one (generally CPU0), the scheduler must also be
enabled to deal with the potential of finding empty nxt_idlers. While
this change alone would suffice to fix the race, clearing the maps in
proper order still seems like a reasonable thing to do.
Note that this is *not* applicable to 3.3 or -unstable, since there
scheduling doesn't happen anymore while CPUs are being brought down.
Keir Fraser [Thu, 11 Dec 2008 13:36:45 +0000 (13:36 +0000)]
Fix BUILD_BUG_ON()
As was noticed on the Linux side, using an array here isn't
appropriate if the condition is not a compile time constant - gcc
allows such
arrays, and hence the intended effect of producing a compiler error is
not achieved in that case. Bit field widths do not know similar
language extensions, and hence always produce a compiler error.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
xen-unstable changeset: 18899:1419a73316e1d75d3e5d7c1530ac6ae7e7bc7fb4
xen-unstable date: Thu Dec 11 11:19:01 2008 +0000
Keir Fraser [Wed, 10 Dec 2008 14:35:38 +0000 (14:35 +0000)]
libxc: Fix memory leak in zlib usage
Any call to inflate() must be followed by inflateEnd(), otherwise the
internal zlib state is leaked.
Signed-off-by: Kevin Wolf <kwolf@suse.de>
xen-unstable changeset: 18892:b73f3646a17fa5fb9fa8edd0a5a4d70dd3353c15
xen-unstable date: Wed Dec 10 13:14:13 2008 +0000
Keir Fraser [Wed, 10 Dec 2008 14:33:28 +0000 (14:33 +0000)]
Fix existence check for MMIO-mapped 16550 UARTs
Changeset 982e6fce0e47 added an existence test for UARTs.
Unfortunately, the existence test happens before MMIO UARTs are
ioremapped, therefore it may not be probing where it thinks it's
probing. Rather than moving more code around, I think it's probably
safe to assume the arch code knows what it's doing if it passes in an
MMIO UART.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
xen-unstable changeset: 18861:cb289056b5233b6a7799633cefdae41a91f8e071
xen-unstable date: Thu Dec 04 11:36:18 2008 +0000
Keir Fraser [Tue, 4 Nov 2008 13:15:11 +0000 (13:15 +0000)]
x86: Fix GRANT_PTE_FLAGS.
Since page table entries created through e.g. GNTTABOP_map_grant_ref
are being passed through adjust_guest_l1e(), they must not generally
get _PAGE_USER set - this will be taken care of by adjust_guest_l1e(),
and it will ensure that these don't get _PAGE_GLOBAL set
inadvertently.
Due to the implied security aspect here (_PAGE_GLOBAL getting set on
kernel pages for x86-64), I'd like to ask that this also be applied to
older maintained branches.
At the same time, set _PAGE_NX for pte-s created for grants (as long
as hardware supports it), since it should be only data pages that
remote domains are being given access to.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
xen-unstable changeset: 18748:4ec25db9326a7e7f64a8471cbfd7b5852484757c
xen-unstable date: Mon Nov 03 10:32:54 2008 +0000
Keir Fraser [Tue, 4 Nov 2008 13:14:23 +0000 (13:14 +0000)]
x86: relax restrictions on reserved bits in L3 for 32on64 x86 guests
A 32on64 guest cannot copy an existing pinned L3 entry to use as a new
L3 because COMPAT_L3_DISALLOW_MASK contains bits which are added to L3
entries by adjust_guest_l3e (U/S & R/W) or by the hardware (A & D).
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
xen-unstable changeset: 18714:3ff349c7aeb77a0a66a53dd409751e3574a4742b
xen-unstable date: Mon Oct 27 10:08:48 2008 +0000
Keir Fraser [Tue, 21 Oct 2008 11:06:53 +0000 (12:06 +0100)]
vmx: avoid taking locks with irqs disabled
Shuffle the bits of the vmexit handler that run with EFLAGS.IF == 0 up
to the top. Otherwise we end up calling spin_lock() with interrupts
disabled, which can deadlock against the time-synchronization
rendezvous code.
Signed-off-by: Tim Deegan <Tim.Deegan@citrix.com>
xen-unstable changeset: 18658:824892134573b05573ca1945757bb2a99e220a02
xen-unstable date: Mon Oct 20 15:31:54 2008 +0100
Keir Fraser [Tue, 21 Oct 2008 11:06:23 +0000 (12:06 +0100)]
x86: add movnti emulation
Linux added the use of movnti for copying from user to kernel space in
certain cases, and as per reports we got this may happen with the
destination being in MMIO.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
xen-unstable changeset: 18657:c4be040bef6faa4a1eae4ce71636cc1ae88a9f35
xen-unstable date: Mon Oct 20 15:22:58 2008 +0100
Keir Fraser [Thu, 16 Oct 2008 17:26:50 +0000 (18:26 +0100)]
x86/mm: Use l1e_get_pfn() in destroy_grant_pte_mapping().
On x86_64 system, (pte >> PAGE_SHIFT) is not always equal to page
frame number because high bits (63:52) of pte may be used as
flags. This patch corrects the conversion and errors as below
disappear when applied.
(XEN) mm.c:3074:d0 PTE entry 200000a2ec6167 for address a1f09958
doesn't match frame a2ec6
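The mismatch in the log line above, worked through as an added example (not Xen's code and not part of the commit). The helper names and the 52-bit physical-address width are assumptions made for illustration; the PTE and frame values are the ones printed in the log line.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PADDR_BITS 52   /* assumption: x86-64 architectural maximum */
/* Address field of a PTE: bits 51:12. */
#define PFN_FIELD  (((1ULL << PADDR_BITS) - 1) & ~((1ULL << PAGE_SHIFT) - 1))

/* Shift-only conversion: any flag set in bits 63:52 leaks into the result. */
static uint64_t pfn_by_shift(uint64_t pte)
{
    return pte >> PAGE_SHIFT;
}

/* Keep only address bits 51:12 before shifting (hypothetical helper). */
static uint64_t pfn_by_mask(uint64_t pte)
{
    return (pte & PFN_FIELD) >> PAGE_SHIFT;
}

/* Bits 63:52 of the entry, which may carry flags rather than address bits. */
static uint64_t high_flag_bits(uint64_t pte)
{
    return pte >> PADDR_BITS;
}

/* Model of the "does this PTE map the expected frame?" comparison. */
static int pte_maps_frame(uint64_t pte, uint64_t frame,
                          uint64_t (*to_pfn)(uint64_t))
{
    return to_pfn(pte) == frame;
}

int main(void)
{
    const uint64_t pte   = 0x200000a2ec6167ULL; /* PTE from the log line */
    const uint64_t frame = 0xa2ec6ULL;          /* frame from the log line */

    printf("bits 63:52 = %#llx\n", (unsigned long long)high_flag_bits(pte));
    printf("shift only: pfn=%#llx match=%d\n",
           (unsigned long long)pfn_by_shift(pte),
           pte_maps_frame(pte, frame, pfn_by_shift));
    printf("masked:     pfn=%#llx match=%d\n",
           (unsigned long long)pfn_by_mask(pte),
           pte_maps_frame(pte, frame, pfn_by_mask));
    return 0;
}
```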
Keir Fraser [Thu, 16 Oct 2008 17:24:40 +0000 (18:24 +0100)]
xend: Move some backend configuration info.
This patch moves some dom0 variables and backend device
configuration from frontend directories to
/local/domain/<backdomid>/backend or /vm.
Also,
- /vm_path/<domid> is introduced, referencing the /vm path
- /vm_path/device/backend holds the backend device location,
rather than storing it in the frontend directory
xend: Make only selected subdirs of /local/domain/<domid> writable by
the guest.
This protects critical data like
/local/domain/<domid>/console/{tty,limit}. It also means we can trust
.../vm, and hence do not need /vm_path. Various parts of the previous
two changesets disappear.
Keir Fraser [Thu, 16 Oct 2008 17:16:19 +0000 (18:16 +0100)]
x86: change _PAGE_GNTTAB
Since Linux started to use one of the 3 low available bits, _PAGE_IO
needed to be moved to a different one. Not remembering about
_PAGE_GNTTAB in debug hypervisors, I ended up assigning it to the same
bit, which made the kernel fail on the debug hypervisor. However,
rather than fixing the kernel it seems more appropriate for the
hypervisor to stay away from these bits, not the least because its
definition was anyway accompanied by a warning that this may be
incompatible with certain OSes.
While obviously the hypervisor has to use some bit (and it's therefore
unavoidable that there's some risk of collision), using one of the
high available bits seems to be the better choice over using one of
the three low ones. Since in 32-bit mode these bits are reserved, the
patch disables the functionality here. The only reasonable alternative
I would see is to disable the functionality by default, but add a
command line option to specify which bit to use.
This small patch fixes an issue leading to a crash (segfault, although
with earlier changesets I was seeing sigbus - not sure what changed)
in qemu-dm when the following conditions occur:
1. A valid mapping for a bucket on a low address exists
2. Immediately after accessing memory mapped in this bucket, an access
occurs to a high (beyond assigned ram) address beyond the 1GB limit
for 32bit map cache wrapping around to the previous bucket's entry
number.
3. The next call to map cache again accesses the low address.
In this scenario, the guest mem for the low bucket has been unmapped
by the remap_bucket caused by 2., but because the valid_mapping
bit-test fails, map_cache returns before last_address_index has been
updated. The subsequent call to map_cache therefore never remaps the
low, valid bucket and instead returns a vaddr pointing to memory that
has failed to get mapped.
Fix HVM guest's save/restore by ignoring the null cdrom string
When we use qcow in hvm config file, like
disk=['tap:qcow:/img/qcow.img,hda,w',',hdc:cdrom,r'],
HVM guest restore would fail.
The patch fixes the issue by ignoring the null cdrom string.
Keir Fraser [Thu, 28 Aug 2008 10:58:12 +0000 (11:58 +0100)]
tools/xenmon/Makefile: Move LDFLAGS after $<
gcc expects libraries needed for object files to be specified after
the object. Linking usually does not fail, unless it is optimized (for
instance, using -Wl,-as-needed).
The related Gentoo bug is 135145 [ https://bugs.gentoo.org/135145 ].
From: Robert Buchholz <rbu@gentoo.org>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 18386:ab8212bd5604f58635e2b8bc6ffec6eddd211cf9
xen-unstable date: Wed Aug 27 15:02:38 2008 +0100
Keir Fraser [Thu, 28 Aug 2008 10:56:19 +0000 (11:56 +0100)]
Fall back to a timer linked list when the timer heap overflows.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 18381:070688cdf62c7a1ed78404e5277ece18a9b88364
xen-unstable date: Wed Aug 27 13:24:35 2008 +0100
Keir Fraser [Thu, 28 Aug 2008 10:48:36 +0000 (11:48 +0100)]
x86: Assert in_irq() while processing guest-bound interrupts.
Actually a fair amount of infrastructure is involved these days, and
we'd like subsystems we call into know that we're in IRQ context so
they can handle that or BUG/ASSERT if appropriate.
Keir Fraser [Thu, 14 Aug 2008 09:21:30 +0000 (10:21 +0100)]
Fix restore crash with certain guest memory sizes
This fixes a crash when restoring guests with certain memory sizes (eg
223MB). The ROUNDUP in the call to memcpy, was the main offender, but
I didn't care for the inplace resizing of the p2m entries either.
Signed-off-by: Bruce Rogers <brogers@novell.com>
xen-unstable changeset: 18329:ca7dd77d53652aa55be27746540ec50cb9608ec4
xen-unstable date: Thu Aug 14 10:18:08 2008 +0100
This changeset is back-ported from xen-unstable.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
The original description of the changeset is:
vtd: Various cleanups and fixes:
* Handle DRHDs with different supported AGAWs. To support this we
create page tables which always have 4 levels, and skip top levels
for units which support only 2 or 3 levels.
* Handle systems with mixed DRHD support for cache snooping. We must
pessimistically CLFLUSH if any DRHD does not support snooping.
Considering Xen 3.2, for 32-bit Xen, maddr_to_virt() can not be used
in print_vtd_entries() since the pages (except the pgd) are allocated
from domheap.
VT-d: remove Xen and tboot range from dom0's VT-d table
This is a step forward to fix the security hole introduced by dom0's 1:1
mapping VT-d table: remove the critical code and data from it. The
more flexible solution is to update dom0's VT-d table on demand as
what will be done for other PV domains. However, there could bring a
performance issue even with software optimization. Iotlb flush of some
hardware is time-consuming.
Fix 17725:c0c0f4fa8850: use type paddr_t instead of unsigned long for
physical memory address
Otherwise, the address overflows on PAE system with memory size > 4G.
USB controller RMRR (0xed000 - 0xeffff) conflicts with HVM guest bios
region. Setting identity mapping for it will cover the guest bios
region in p2m table. This causes system crash.
As VT-d spec says, USB controller RMRR is used in case of DMA
performed by a USB controller under BIOS SMM control for legacy
keyboard emulation. Whereas, current guest BIOS doesn't support
emulating standard Keyboard/mouse, and it also doesn't support SMM
mode. Actually it is no chance to use USB controller RMRR now.
This patch ignores the USB controller RMRR for HVM guest.
Signed-off-by: Weidong Han <weidong.han@intel.com>
xen-unstable changeset 17248:70f9a2110421cc6f4ce066eb80d4c639a28643bd
xen-unstable date: Wed Mar 19 10:22:49 2008 +0000
Keir Fraser [Fri, 27 Jun 2008 16:04:41 +0000 (17:04 +0100)]
hvm rombios: Move function calls out of 'post' function section
Through recent additions to the rombios the code section of the post
function has filled up considerably. When I enable the BX_TCGBIOS
compile time option the BIOS crashes since the post section code
(starts at $e05b) spills over into the nmi entry point (starts at
$e2c3). as86 doesn't cause an error when building.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
xen-unstable changeset: 17901:3edc443ae8ce80742db2e2a90a260ffac1a7377e
xen-unstable date: Fri Jun 27 14:43:29 2008 +0100
Keir Fraser [Fri, 27 Jun 2008 16:04:10 +0000 (17:04 +0100)]
hvmloader: Set up any Intel ICH for legacy IDE.
Signed-off-by: Li Zhang <li.zhang@intel.com>
xen-unstable changeset: 17897:be52424a543ec9f1437056ee3bf429a4c48a4ea9
xen-unstable date: Fri Jun 27 14:15:11 2008 +0100
Keir Fraser [Fri, 27 Jun 2008 16:01:31 +0000 (17:01 +0100)]
x86 acpi: Clean up output tracing. Ensure it is synced to serial line
before entering Sx state.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 17883:ad156e312aefd4deca7d968c13a6b9ed0ece45f8
xen-unstable date: Fri Jun 20 15:21:04 2008 +0100
Keir Fraser [Fri, 27 Jun 2008 16:00:59 +0000 (17:00 +0100)]
ioemu: Fix usbdevice parameter to encode vbd type.
usbdevice = "disk:<filename>"
expect a raw device (as this probably is the most usual case) and
usbdevice = "disk-qcow:<filename>"
expect a COW image (autodetected, probably qcow2).
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
xen-unstable changeset: 17877:52592af0204a55abd0898b1fbe390a55036079e2
xen-unstable date: Wed Jun 18 11:55:34 2008 +0100